Bus providers in Denmark and Norway claimed that they are urgently investigating a so-called“security loophole”discovered in their fleets of vehicles made by Yutong,a company based in China,alleging that these buses can be stopped remotely,according to NBC News on Sunday.
Also at the end of the report,NBC cited an industrial expert saying that“It just comes down to trust,”as chances of China to destroy its entire export industry for vehicles,or EVs in order to prove a political and military point are“incredibly small.”
A Chinese expert said on Monday that the move exposes distrust toward China’s manufacturing,a long-lasting tactic from some Western media,which employs public opinion manipulation to pave the way for a series of exclusionary actions targeting China grounded in geopolitical motives rather than technical facts.
According to NBC,Jeppe Gaard,chief operating officer of the Danish public transport provider Movia,claimed that because these buses can receive updates and diagnostic tests“over the air,”they can be“stopped remotely,either by the manufacturer or by a hacker.”
“Electric buses,like electric cars,in principle can be remotely deactivated if their software systems have online access,”he said.This isn’t just a“Chinese bus concern;it is a challenge for all types of vehicles and devices with these kinds of electronics built in,”Gaard asserted.
The claim was first made earlier this month by the Norwegian bus operator Ruter,which claimed that Yutong“has direct digital access to each individual bus for software updates and diagnostics,”and in theory,“this bus can be stopped or rendered inoperable by the manufacturer,”per the NBC report.
Also on Sunday,The Financial Times reported that the UK government is investigating whether hundreds of Chinese-made electric buses on British roads could be remotely deactivated.
At the end of the NBC’s report,Ken Munro,founder of the British American cybersecurity consultancy Pen Test Partners,said that“Do we believe that China would destroy its entire export industry for vehicles,EVs or not,in order to prove a political and military point?It is within the bounds of plausibility,”but the chances are“incredibly small,”Munro said.
“It just comes down to trust,”he added,per NBC.
Zhang Xiaorong,director of the Beijing-based Cutting-Edge Technology Research Institute,said that the move again exposes distrust toward China’s manufacturing,a sentiment long amplified in some Western media.
“This kind of fear-mongering hype employs public opinion manipulation and cognitive warfare in the absence of concrete evidence to permanently position China’s high-tech products under a presumption of guilt,thereby paving the way for a series of exclusionary actions grounded in geopolitical motives rather than technical facts,”Zhang told the Global Times on Monday.
“For China to lose its credibility in global manufacturing just to control buses in Europe...That's utterly absurd,”Zhang said,noting that Chinese companies operate locally in full compliance with laws and regulations,contributing to Europe’s green development through their low-carbon products and technologies.
According to Zhang,remote diagnosis and update features are common configurations in modern smart electric vehicles,aimed at improving operational and maintenance efficiency.
“The so-called‘risks’are actually quite exaggerated.Just imagine,by analogy to phone software:the underlying system on a phone,along with all the installed apps,can be updated over the network—and smart cars operate in exactly the same way.So,does that mean nothing that's networked is safe?”a veteran intelligent vehicle industry practitioner who requested anonymity told the Global Times on Monday.
“Virtually any networked vehicle carries the same so-called security risks,”Zhang said,noting that if these bus providers only targeted a Chinese company,it is no longer a purely technical and safety problem,but one with geopolitical implications by overstretching the concept of security.
According to NBC,asked for comment on the Danish and Norwegian moves,Yutong sent an emailed statement saying that it“understands and highly values the public’s concerns regarding vehicle safety and data privacy protection,”and“strictly complies with the applicable laws,regulations,and industry standards.”
It said its vehicle data in the EU is stored in an Amazon Web Services data center in Frankfurt,Germany,where it is“protected by storage encryption and access control measures,”and that“without customer authorization,no one is allowed to access or operate the system.”per the report.
